
Reference websites for interview questions:

https://medium.com/@teqstories/aws-solutions-architect-job-interview-general-questions-f19fa1f666d

https://github.com/bregman-arie/devops-exercises/blob/master/certificates/cloud-practitioner.md

https://mindmajix.com/aws-interview-questions#frequently

Reference to understand basics of extra topics:


EBS-
https://aws.amazon.com/ebs/?ebs-whats-new.sort-by=item.additionalFields.postDateTime&ebs-whats-new.sort-order=desc
https://www.youtube.com/watch?v=DS1nF1WBGKk
EFS-
https://aws.amazon.com/efs/
https://www.youtube.com/watch?v=6ZIPBC78U0s
https://www.youtube.com/watch?v=4jy2FILK5R8
https://www.youtube.com/watch?v=m9mKzdBE90I
SQS-
https://aws.amazon.com/sqs/getting-started/
Redshift-
https://www.youtube.com/watch?v=fc5WPKnbam8
https://aws.amazon.com/redshift/getting-started/
Dynamodb-
https://aws.amazon.com/dynamodb/getting-started/

Q: ​Is web-hosting possible using S3?


Yes, web-hosting is possible using the S3 service.
● First, create an S3 bucket and name it with the name of the website so that it is both
unique and readable.
● Set permissions to Public so that the website is publicly accessible.
● Get the ARN of the bucket and create a policy from Permissions using a policy generator.
● Add the website files to the bucket, go to Properties and select Static Web Hosting.
● Provide the relevant details, and the website is ready to be hosted without using a
server.
● The Endpoint in the Static Web Hosting will be the URL for the website.
● The website can be re-routed using Route53 to the domain name we prefer.
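
The policy step above is where a website bucket usually ends up more open than intended. The following is an added example, not part of the original notes: it builds a bucket policy that lets anyone read objects and nothing more, and audits a policy document for public statements that go beyond that. The bucket name and the over-broad sample policy are constructed for illustration.

```python
import json

BUCKET = "www.example.com"  # hypothetical bucket name, named after the site


def website_read_policy(bucket):
    """Policy for a static site: anonymous s3:GetObject on objects, nothing else."""
    return {"Version": "2012-10-17", "Statement": [{
        "Sid": "PublicReadForWebsite", "Effect": "Allow", "Principal": "*",
        "Action": "s3:GetObject",
        "Resource": f"arn:aws:s3:::{bucket}/*"}]}


def _as_list(value):
    return value if isinstance(value, list) else [value]


def _is_public(principal):
    # A principal of "*" or {"AWS": "*"} means any caller, signed in or not.
    if isinstance(principal, dict):
        return "*" in _as_list(principal.get("AWS", []))
    return principal == "*"


def audit_public_statements(policy):
    """Flag public Allow statements that grant more than object reads."""
    findings = []
    for stmt in _as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow" or not _is_public(stmt.get("Principal")):
            continue
        sid = stmt.get("Sid", "<no Sid>")
        for action in _as_list(stmt.get("Action", [])):
            if action != "s3:GetObject":
                findings.append(f"{sid}: anyone may call {action}")
        for res in _as_list(stmt.get("Resource", [])):
            if not res.endswith("/*"):  # bucket-level or wildcard resource
                findings.append(f"{sid}: public grant not limited to objects ({res})")
    return findings


# Constructed over-broad policy for comparison.
TOO_BROAD = {"Version": "2012-10-17", "Statement": [{
    "Sid": "Everything", "Effect": "Allow", "Principal": {"AWS": "*"},
    "Action": "s3:*",
    "Resource": [f"arn:aws:s3:::{BUCKET}", f"arn:aws:s3:::{BUCKET}/*"]}]}

if __name__ == "__main__":
    print(json.dumps(website_read_policy(BUCKET), indent=2))
    print(audit_public_statements(TOO_BROAD))
```
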

Q: Is it possible to SSH into the EC2 instance without the .pem file?
No, the .pem file is only available at the time of the instance creation. It must be downloaded
and saved at that time only. In case the .pem file is lost or wasn’t saved, the user can never SSH
into the instance.

Q: What should be done if the .pem file is missing?
A new instance needs to be created, and all the databases and instances of the previous
instance synced to the new instance. Once the new instance is up and running, the old instance
can be terminated.

Q: What are the different types of Cloud Services and their differences?
There are four types of Cloud Services:
● SaaS (Software as a Service) - SaaS is a fully-developed software solution ready for
purchase and use over the internet on a subscription basis. The SaaS provider
manages the infrastructure, operating systems, middleware, and data necessary to
deliver the program, ensuring that the software is available whenever and wherever
customers need it. Examples of SaaS: Microsoft Office 365, Salesforce, Cisco WebEx,
Google Apps.
● PaaS (Platform as a Service) - PaaS provides the framework needed to build, test,
deploy, manage, and update software products. It also includes the operating systems,
middleware, development tools, and database management systems needed to create
software applications. Examples of PaaS: AWS Elastic Beanstalk, Apache Stratos,
Google App Engine, Microsoft Azure.
● IaaS (Infrastructure as a Service) - IaaS is the most comprehensive and flexible cloud
service type. It provides a completely virtualised computing infrastructure that is
provisioned and managed over the internet. An IaaS provider manages the physical end
of the infrastructure (servers, data storage space, etc.) in data centres but allows
customers to fully customise those virtualised resources to suit their specific needs.
Examples of IaaS: Microsoft Azure, Amazon Web Services (AWS), Cisco Metacloud,
Google Compute Engine (GCE).
● FaaS (Function as a Service) - Also known as serverless computing, FaaS allows
customers to execute code responsively without allocating processing resources ahead
of time. The cloud provider handles the infrastructure, allowing the customer to focus
strictly on deploying application code. Functions scale automatically, making them an
excellent fit for dynamic workloads that fluctuate in resource consumption. Customers
only pay for the resources they use, making FaaS the truest form of “pay-as-you-go”
cloud computing. Examples of FaaS: AWS Lambdas, Azure Functions.

Q: ​What is the difference between Region and Availability zone in AWS?


AWS Regions are large and widely dispersed into separate geographic locations. Availability
Zones are distinct locations within an AWS Region engineered to be isolated from failures in
other Availability Zones.

Q: ​What happens when an EC2 instance becomes unhealthy?


When an instance becomes unhealthy, the ELB detects the unhealthy instance and terminates it,
and the auto-scaling group replaces it with a new EC2 instance. While the new instance comes
online, the ELB starts routing incoming traffic to other healthy instances in the region.

Q: What happens if an auto-scaled instance is terminated manually?
If we terminate instances and decrement the desired capacity, preventing replacement
instances from launching, the group can become unbalanced. If this occurs, Amazon EC2 Auto
Scaling compensates by rebalancing the Availability Zones.

Q: ​What is an internet gateway?


An Internet Gateway is a logical connection between an Amazon VPC and the Internet. It is not
a physical device. Only one IG can be associated with each VPC. It does not limit the bandwidth
of Internet connectivity.

Q: ​What is a bastion host?


Instances launched into private subnets can be accessed through a bastion host, which is itself
an instance launched in the public subnet. We need to create a security group that allows ingress
SSH or RDP only from the bastion host, and assign this security group to the instances present
in the private subnet.
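
One way to check the "only from the bastion host" rule, as an added example that is not part of the original notes: the function takes ingress rules in the `IpPermissions` shape returned by EC2's DescribeSecurityGroups and lists every SSH or RDP source other than the bastion's security group. It assumes the bastion is referenced by security group ID rather than by IP address; the group IDs and rule sets are constructed.

```python
ADMIN_PORTS = {22: "SSH", 3389: "RDP"}
BASTION_SG = "sg-0aaaaaaaaaaaaaaaa"  # constructed placeholder ID


def covers(rule, port):
    """True if the rule's protocol and port range include the given TCP port."""
    proto = rule.get("IpProtocol")
    if proto == "-1":  # all protocols, all ports
        return True
    if proto != "tcp":
        return False
    return rule.get("FromPort", 0) <= port <= rule.get("ToPort", 65535)


def admin_ingress_violations(ip_permissions, bastion_sg_id):
    """List admin-port ingress sources other than the bastion's security group."""
    violations = []
    for rule in ip_permissions:
        for port, name in ADMIN_PORTS.items():
            if not covers(rule, port):
                continue
            for r in rule.get("IpRanges", []):
                violations.append(f"{name} open to CIDR {r['CidrIp']}")
            for r in rule.get("Ipv6Ranges", []):
                violations.append(f"{name} open to CIDR {r['CidrIpv6']}")
            for pair in rule.get("UserIdGroupPairs", []):
                if pair["GroupId"] != bastion_sg_id:
                    violations.append(f"{name} open to group {pair['GroupId']}")
    return violations


# Constructed rule sets for a private-subnet instance's security group.
GOOD = [{"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "UserIdGroupPairs": [{"GroupId": BASTION_SG}]}]
BAD = [
    # A wide port range from the whole VPC silently includes 22 and 3389.
    {"IpProtocol": "tcp", "FromPort": 0, "ToPort": 65535,
     "IpRanges": [{"CidrIp": "10.0.0.0/16"}]},
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "UserIdGroupPairs": [{"GroupId": BASTION_SG},
                          {"GroupId": "sg-0bbbbbbbbbbbbbbbb"}]},
]

if __name__ == "__main__":
    print(admin_ingress_violations(GOOD, BASTION_SG))
    for v in admin_ingress_violations(BAD, BASTION_SG):
        print("VIOLATION:", v)
```
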

Q: What are different levels of security present in AWS to protect your resources?
There are two security layers present for our resources in AWS VPC. One is network-level
security, also known as NACL (Network access control list), and another one is instance-level
security, known as security group (SG).

Q: What are the different types of storage present in AWS?


● Block-Based (EBS)
● File-Based (EFS)
● Object-Based (S3)

Q: Why is there a need for EFS when there is S3 already present?


As S3 is object-based storage, we cannot store files with locks and permissions. Therefore, it is
not possible to mount an S3 bucket to an EC2 instance. EFS, by contrast, is file-based storage,
and it can be mounted to multiple EC2 instances.

Q: ​What is the difference between EBS and EFS?


The main difference between EBS and EFS is that EBS is only accessible from a single EC2
instance in your particular AWS region, while EFS allows you to mount the file system across
multiple regions and instances.

Q: What happens to the data stored for a very long time in the S3 bucket?
After data is added to the S3 bucket and kept unused for a long time (30 days in general), the data
gets archived and will be moved to S3 Glacier. Glacier is comparatively very cheap, but it takes
time to restore the data to the local machines.

Q: ​What is AWS Snowball?


Snowball is a petabyte-scale data transport solution that uses secure appliances to transfer
large amounts of data into and out of the AWS cloud. Snowball addresses common challenges
with large-scale data transfers, including high network costs, long transfer times, and security
concerns.

Q: ​What is an SQS dead-letter queue (DLQ), and what could you use it for?
SQS is Amazon’s fully managed distributed queue service. Queues are useful for handling
communication between different services or other components in distributed systems.

A DLQ is a special queue for messages that could not be adequately processed. These queues
are specially used for debugging and troubleshooting applications.

Q: ​Suppose you have hired a team of DevOps freelancers to set up your infrastructure.
You create an IAM group called “DevOps” and add the team to that group. After the team
finishes setting your infrastructure up, they leave your project. What actions should you
take?
You should delete only the user accounts of the developers and keep the IAM group. It is
possible that, in the future, you will want to hire more DevOps freelancers to change your
infrastructure. Keeping the IAM group means you keep the underlying set of policies, and
therefore, future users can reuse those policies.

Q:​ How many Elastic IPs can you create?

5 VPC Elastic IP addresses per AWS account per region

Q: ​Difference between Amazon RDS, DynamoDB and Redshift?


Ans: RDS is meant for structured data only. DynamoDB, which is a NoSQL service, is meant for
unstructured data. Redshift is a data warehouse product used for data analysis.

Q: ​What is the use of Route Table?

Ans: Route Table is used to route the network packets. Generally, one route table would be
available in each subnet. A route table can have any number of records or information. Hence,
attaching multiple subnets to a route table is also possible.
